I'm not pretty sure, what your intention is. One possible approach would be to use a edit-field, which cannot be "spyed out" by the usual password crack programs. Then you should have a database which only stores the hash code of a password, not the plain password.

At login time, you only need to calculate the users hash, check against you "database" hash and thats it.